When a user of a conventional smart phone wishes to obtain access to a protected computerize resource of the smart phone, the user may need to provide a one-time passcode (OTP) (e.g., by reading the OTP from a hardware token and manually entering the OTP into the smart phone). The smart phone then sends the OTP over a network (e.g., a computer network, a cellular network, etc.) to an authentication manager. If the authentication manager is able to match the OTP from the user to an expected OTP, the authentication manager provides an authentication signal indicating that the user has successfully authenticated and allowing the user to access the protected computerize resource. However, if the authentication manager is unable to match the OTP from the user to the expected OTP, the authentication manager provides an authentication signal indicating that user authentication is unsuccessful and denying access to the protected computerized resource. In some situations, the user is then able to retry authentication or is challenged to authenticate in a different manner (e.g., step up authentication).
Similarly, when a user of a conventional desktop computer wishes to obtain access to a protected computerized resource, the user may need to provide an OTP to the conventional desktop computer. The conventional desktop computer then sends the OTP to an authentication manager over a network. In some situations, if authentication with the authentication manager is successful, the authentication manager provides the user with access to the protected computerize resource as well as loads a day file containing a day's worth of future OTPs into the desktop computer. With the day file loaded into the desktop computer, the user is able to locally authenticate within the same day at the desktop computer using the day file without needing to communicate again with the authentication manager. In some situations, the authentication manager loads a week's worth of OTPs (e.g., multiple day files) into the desktop computer.